UROP Openings

MIPS Security Exploit Generation

Term:

Summer

Department:

6: Electrical Engineering and Computer Science

Faculty Supervisor:

Martin Rinard

Faculty email:

rinard@csail.mit.edu

Apply by:

June 2020

Contact:

rinard@csail.mit.edu

Project Description

We need to be able to create stack overflow exploits on the MIPS
architecture. On other architectures (x86 and ARM) we use ROP to
get around non-executable stacks. MIPS evidently had a bug that until
recently allowed the stack to be executable. However, there is a caching
issue because MIPS has separate instruction and data caches. Thus, when
executing off the stack, the wrong instructions are executed. Supposedly
this can be cleared by executing some system calls. Some detail about this
may be available at:
https://blog.senr.io/blog/why-is-my-perfectly-good-shellcode-not-working-cache-coherency-on-mips-and-arm
We'd like to see if there is some sort of solution for this problem
short of using ROP (or perhaps with a very short and easy-to-generate
ROP chain).

Pre-requisites

Interest in computer security, ability to understand the project, and an interest in the project.